
Phishing meaning

What does Phishing mean?
Phishing describes a social‑engineering cyber fraud in which attackers send deceptive emails (email scams), texts or messages, or make calls, posing as trusted organisations to induce recipients to disclose passwords, multi‑factor codes or financial data, click malicious links/attachments, install malware, or redirect payments (business email compromise). It is a descriptive expression rather than a defined statutory concept, but the behaviour is prosecuted under existing offences and discussed across cybercrime, fraud and data protection practice. In England & Wales and Northern Ireland, phishing typically engages fraud by false representation under the Fraud Act 2006 and offences under the Computer Misuse Act 1990; in Scotland, the equivalent is common law fraud alongside the Computer Misuse Act 1990; in Ireland, relevant offences include those under the Criminal Justice (Theft and Fraud Offences) Act 2001 and the Criminal Justice (Offences Relating to Information Systems) Act 2017. Usage is broadly consistent across the UK and Ireland. Variants include smishing (SMS), vishing (voice), spear‑phishing (targeted) and credential‑harvesting campaigns. Practically, incidents may trigger personal data breach notification to the ICO (UK) or the Data Protection Commission (Ireland) under UK GDPR/EU GDPR, contractual and regulatory reporting duties, and remedial steps such as credential resets, system forensics and payment recall.

View the related News about Phishing

NEWS
Home Office impersonation phishing targets UK sponsor licence holders, compromising Sponsorship Management System access and enabling immigration fraud and extortion

In a report released on 12 August 2025, Mimecast stated that fraudsters had been sending emails claiming to be from the Home Office to UK organisations, with fake urgent warnings about compliance issues or suspensions of sponsorship licences...

NEWS
BDO FraudTrack 2025: UK money laundering £337m amid 76% fall in reported fraud; ECCTA 2023 'failure to prevent fraud' offence to bolster FCA enforcement from September 2025

FraudTrack 2025

BDO Global’s FraudTrack 2025 reports that £337m is recorded as having been laundered between December 2023 and November 2024, though the real total is probably higher. Money laundering from criminal proceeds made up 61% of the overall reported value of fraud and economic crime. Non-corporate fraud, covering phishing scams and identity theft, followed next, contributing around 20%. The study also notes that the value of reported fraud and economic crime in the UK remains on a long-term downward trajectory, dropping 76% to £550m over the previous twelve months, down from £2.3bn in 2023. BDO attributed this reduction to a decrease in instances of high-value fraud. Stephen Peters, a partner at BDO and its head of investigations, said in a statement that the data indicates fraud continues to evolve...

NEWS
UK risk and compliance update: ICO breach insights, sanctions developments, failure to prevent fraud guidance pending, AI cyber security survey and ransomware advice—16 May 2024

In this issue: Data protection; Financial sanctions; Other financial crime; Cybersecurity; Daily and weekly news alerts; Trackers; New and updated content.

Data protection

ICO releases report on prevalence of data breaches and steps to prevent breaches

The Information Commissioner’s Office (ICO) has published a report setting out data on the scale of data breaches. It offers practical guidance to help organisations identify frequent security weaknesses, bolster protections and prevent future incidents before they arise. The report highlights five principal causes of cyber security breaches: phishing, brute force attempts, denial of service, errors and supply chain attacks. For each area, it describes how attacks unfold, key considerations to reduce risk and likely developments ahead. See: LNB News 10/05/2024 35.

Financial sanctions

Law Society makes recommendations on Russian sanctions

The Law Society of England and Wales has submitted recommendations to the Treasury Select Committee’s inquiry into Russian financial sanctions, noting that these would...


View the related Practice Notes about Phishing

PRACTICE NOTES
Cyber Security for UK Law Firms: Phishing, Ransomware and Supply Chain Risks, NCSC Ten Steps, and Reporting to ICO, NCSC and SRA

This Practice Note distils the principal insights from the National Cyber Security Centre (NCSC) publication Cyber Threat Report: UK Legal Sector, and also draws on data in the Solicitors Regulation Authority (SRA) Cyber security thematic review (September 2020) together with the SRA’s Information security and cybercrime risk outlook.

Headline facts and figures

The cyber threat facing the UK legal sector is substantial, with reported incidents rising sharply over recent years. The financial and reputational fallout for law firms is likewise considerable. Costs can arise from: the incident itself; remediation and recovery; restoring damaged reputations.

The SRA’s thematic review noted that three quarters of the firms it visited stated they had been targeted by a cyber attack. Others reported that cyber criminals had directly approached their clients during live legal transactions. Although not every incident resulted in client financial loss, in 23 of the 30 matters where firms were directly targeted, more than £4m of client money was stolen. Of...


View the related Precedents about Phishing

PRECEDENTS
Pandemic cyber security guidance for law firm staff: secure remote working, phishing awareness and reporting

The issue

Sadly, pandemics trigger spikes in criminal online activity; such crises give fraudsters a hook to target people across the globe. As many of us work remotely, we must stay alert to cyber-attacks against both home and workplace systems. Throughout the coronavirus pandemic, criminals are exploiting the situation to pose as local or national governments, regional or global health organisations, and trusted news outlets. Beyond phishing emails, they are also using: text messages to mobiles claiming to be from official bodies, e.g. the UK Government; bogus pandemic-themed websites that deliver malware and malicious apps; impostors pretending to be VPN or portal support to harvest employee credentials.

What we need from you

It remains essential to use only standard procedures and company-issued IT tools during a pandemic. Any variations to our processes must be fully recorded, reviewed and approved by management, and shared via normal internal communication channels...

PRECEDENTS
12-Month Cybercrime and Cybersecurity Awareness Programme for Law Firms: Confidentiality, Remote Working, Phishing, Malware, Hacking, Bogus Firms, Dos and Don'ts

Quarter 1—Confidential information

This quarter’s pointers and reminders focus on carefully managing confidential information. For more detailed guidance, please refer to the following resources and policies:

[ insert, eg Clear desk and clear screen policy ]
[ insert, eg Remote working and removable media policy ]
[ insert, eg Cybercrime prevention strategy and incident management plan ]
[ insert, eg Confidentiality and disclosure policy ]
[ insert, eg Information management and security policy ]
[ insert, eg Internet, email and communications policy ]
[ insert, eg Bring your own device (BYOD) policy ]
[ insert, eg Generative AI policy ]

Month 1—Think ‘secure’

You handle significant and sensitive work. We all share a responsibility to ensure it remains protected and confidential. Always remember to lock your computer or any device when it’s not in use. Doing so helps to safeguard devices and keeps those vital matters confidential. For more details, see our...

PRECEDENTS
Recognising and responding to phishing emails: a guide for law firm staff

Phishing occurs when someone sends an electronic message, such as an email, intended to deceive recipients, to capture sensitive data—like identities, passwords, and credit card details—or to obtain money by prompting a transfer of funds under false pretences. It steals money or sensitive details too. Our strongest defence against falling for a phishing email is learning to recognise the signs and knowing what to do about them. The table below explains how to identify a phishing email or a phoney request and what to do...
